I'm looking to roll out environments for a puppet installation and wanting to get things square with version control. Before I went to implement what seemed natural in my mind I decided to do some reading, and see what others are doing.

First hit on google is this article which discusses dynamic environments.

While dynamic environments sound great for development, they don't sound safe for live systems. However the article makes the allusion that if you're using dynamic environments you'll be able to rid yourself of a 'single workflow'.

Seems to me though that you're going to have a 'static set of environments', dynamic environments or not, because in production, you'll always be using the production environment. I'd extend that argument to other important live systems, for example pre-production quality assurance boxes.

I'm also assuming for dynamic environments to work, you'd need to run something like this on an agent you plan to test on

puppet agent --environment $dev_branch

Who cares if you expose a fresh dev branch on the puppet master if an agent hasn't been told to use the new environment.

My question - are dynamic environments suitable for things like production boxes, qa boxes, and other important systems; or strictly for development?

Many good questions generate some degree of opinion based on expert experience, but answers to this question will tend to be almost entirely based on opinions, rather than facts, references, or specific expertise.
If this question can be reworded to fit the rules in the help center, please edit the question.

is it common to use.. - Your question basically works out to a 'poll the audience' type question, which doesn't fit well on this site, which is focused on getting a small number of good answers. Your question would work better on this site if you asked something like 'under what conditions are dynamic environments appropriate', or some other question where ask for specific details.
–
ZoredacheOct 4 '13 at 18:53

2 Answers
2

I don't think I understand your question. "Dynamic environments" is simply the name for a style of puppetmaster configuration and git usage that allows you to add and remove puppet environments without having to reconfigure your puppetmaster. Anything you can do the dynamic environments you can do with static environments. The underlying concept of puppet environments remains the same, only the process for managing them on the puppetmaster changes.

Whether or not you have a need to frequently change your puppet environments "in production" really depends on how you manage your infrastructure. If you're curious to find people who do this, consider asking on the puppet mailing list rather than here.

One thing to keep in mind that what puppet calls an "environment" doesn't have to map with what you call environments in your company. For example, you could have a "production" puppet environment that corresponds to the live puppet modules and hiera data in use for your company's production and qa environments, and you could have a "development" puppet environment that corresponds to the puppet modules and hiera data that are still being worked on.

Thanks this is helpful, and maybe this question is still more of a poll type question than anything, so my bad for putting it here... That said, what I'm after is trying to find out whether folks use dynamic environments for anything other than development. Seems to me like you're going to have static environments for the core infrastructure no matter what and thus have to deal with a 'static set of environments' even if you are using dynamic environments for development. Thus a set of permanent branches in the VCS.
–
quickshiftinOct 7 '13 at 3:58

We allow different groups to push into different branches and as a result control set of hosts/configurations allowed to be configured. Nevertheless, common puppet infrastructure shared with all grouprs (as well as base puppet scripts).

Right, but what about production? I assume those boxes always have the production environment, yes? Also, are these other branches tied to specific static environments, or are you allowing/using dynamic environments on those other systems?
–
quickshiftinOct 4 '13 at 19:31

this is in the production. we use environments to 'group' the nodes into a security domains.
–
tigranOct 4 '13 at 19:41

But you don't need dynamic environments to group nodes into security domains, they could be grouped by static environments, so this doesn't answer my question.
–
quickshiftinOct 4 '13 at 19:50